<?php

class UserController extends Controller
{
	/**
	 * @var string the default layout for the views. Defaults to '//layouts/column2', meaning
	 * using two-column layout. See 'protected/views/layouts/column2.php'.
	 */
	public $layout='//layouts/column2';

	/**
	 * @return array action filters
	 */
	public function filters()
	{
		return array(
			'accessControl', // perform access control for CRUD operations
		);
	}

	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function accessRules()
	{
		return array(
			array('allow',  // allow all users to perform 'index' and 'view' actions
				'actions'=>array('index','view','more','participate'),
				'users'=>array('*'),
			),
			array('allow', // allow authenticated user to perform 'create' and 'update' actions
				'actions'=>array('create','update', 'changepwd', 'apply'),
				'users'=>array('@'),
			),
			array('allow', // allow admin user to perform 'admin' and 'delete' actions
				'actions'=>array('admin','delete'),
				'users'=>array(Yii::app()->params['admin']),
			),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}

	/**
	 * Displays a particular model.
	 * @param integer $id the ID of the model to be displayed
	 */
	public function actionView($id)
	{ 		
		$model=$this->loadModel($id);
	    $create = new CActiveDataProvider('Node', array(
				'criteria'=>array(
					'condition'=>'uid = :Id',
			        'params'=>array(':Id'=>$id),
					'order'=>'id DESC Limit 5',
				),
				'pagination'=>false,
			));
			
		$participate = new CActiveDataProvider('NodeUser', array(
				'criteria'=>array(
					'condition'=>'uid = :Id',
			        'params'=>array(':Id'=>$id),
					'order'=>'id DESC Limit 5',
				),
				'pagination'=>false,
			));
		
		$this->render('view',array(
			'model'=>$model,
		    'create'=>$create,
			'participate'=>$participate,
		));
	}
	
	public function actionMore($id)
	{
		$model=$this->loadModel($id);
		$create = new CActiveDataProvider('Node', array(
				'criteria'=>array(
					'condition'=>'uid = :Id',
			        'params'=>array(':Id'=>$id),
					'order'=>'id DESC',
				),
				'pagination'=>array(
					'pageSize'=>10
				),
			));
		$participate = new CActiveDataProvider('NodeUser', array(
				'criteria'=>array(
					'condition'=>'uid = :Id',
			        'params'=>array(':Id'=>$id),
					'order'=>'id DESC',
				),
				'pagination'=>array(
					'pageSize'=>10
				),
			));
			
		$this->render('more',array(
			'model'=>$model,
		    'create'=>$create,
		));
	}
	
	public function actionJoin($id)
	{
		$model=$this->loadModel($id);
		$participate = new CActiveDataProvider('NodeUser', array(
			'criteria'=>array(
				'condition'=>'uid = :Id',
			    'params'=>array(':Id'=>$id),
				'order'=>'id DESC',
			),
			'pagination'=>array(
				'pageSize'=>15
			),
			));
			
			$this->render('join',array(
			'model'=>$model,
		    'join'=>$join,
			));
	}
	/**
	 * Creates a new model.
	 * If creation is successful, the browser will be redirected to the 'view' page.
	 */
	public function actionCreate()
	{
		$model=new User('create');

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['User']))
		{
			$model->attributes=$_POST['User'];
			if($model->save())
				$this->redirect(array('view','id'=>$model->id));
			}
			unset($model->password); // 销毁密码，在User模型中它在验证完之后被加密了
			$this->render('create',array(
			'model'=>$model,
		));
		
	}

	/**
	 * Updates a particular model.
	 * If update is successful, the browser will be redirected to the 'view' page.
	 * @param integer $id the ID of the model to be updated
	 */
	public function actionUpdate($id)
	{
		$model=$this->loadModel($id);

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['User']))
		{
			$model->attributes=$_POST['User'];
			if($model->save())
				$this->redirect(array('view','id'=>$model->id));
		}
		$this->render('update',array(
			'model'=>$model,
		));
	}

	/**
	 * Deletes a particular model.
	 * If deletion is successful, the browser will be redirected to the 'admin' page.
	 * @param integer $id the ID of the model to be deleted
	 */
	public function actionDelete($id)
	{
		if(Yii::app()->request->isPostRequest)
		{
			// we only allow deletion via POST request
			$model=$this->loadModel($id);
			$model->status=DefineBox::USER_STATUS_DELETE;
            $model->save();
			// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
			if(!isset($_GET['ajax']))
				$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
		}
		else
			throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
	}

	/**
	 * Lists all models.
	 */
	public function actionIndex()
	{
		$dataProvider=new CActiveDataProvider('User', array(
			'pagination'=>array(
				'pageSize'=>50,
			),
		));
		$this->render('index',array(
			'dataProvider'=>$dataProvider,
		));
	}

	/**
	 * Manages all models.
	 */
	public function actionAdmin()
	{
		$model=new User('search');
		$model->unsetAttributes();  // clear any default values
		if(isset($_GET['User']))
			$model->attributes=$_GET['User'];

		$this->render('admin',array(
			'model'=>$model,
		));
	}

	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * @param integer the ID of the model to be loaded
	 */
	public function loadModel($id)
	{
		$model=User::model()->findByPk($id);
		if($model===null)
			throw new CHttpException(404,'The requested page does not exist.');
		return $model;
	}

	/**
	 * Performs the AJAX validation.
	 * @param CModel the model to be validated
	 */
	protected function performAjaxValidation($model)
	{
		if(isset($_POST['ajax']) && $_POST['ajax']==='user-form')
		{
			echo CActiveForm::validate($model);
			Yii::app()->end();
		}
	}
	
	public function actionChangepwd($id)
	{
		$user = User::model()->findByPk($id);
		// 与Session中的user信息比对
		if ($user->id !== Yii::app()->user->id){
			throw new CHttpException(405,'你不是该用户，没有修改其密码的权限！');
		}
		else{
			$model=new User('changepwd');
			// 开启ajax验证
			$this->performAjaxValidation($model);
			if(isset($_POST['User'])) {
				$model->attributes = $_POST['User'];
				if ($model->validate()){
					$user->password = md5($model->password);
					if($user->update()){
						$this->redirect(array('view','id'=>$user->id));
					}
				}
			}
		}
		$this->render('changepwd',array('model'=>$model, 'user'=>$user));
	}
	
	/**
	 * 用户申请
	 */
	public function actionApply($type, $id)
	{
		$model = new UserHelper;
		// 成为合作者
		switch ($type){
			case 'helper':
				$model->uid = yii::app()->user->id;
				$model->hid = $id;
				if($model->save(false)){
					$this->redirect(array('view','id'=>$id));
				}
				breake;
			// 取消合作者
			case 'unhelper':
				$model->findByAttributes(array('uid'=>Yii::app()->user->id, 'hid'=>$id))->delete();
				$this->redirect(array('view','id'=>$id));
		}
	}
	
}
